package com.example.userservice;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
@EnableWebSecurity
public class SecurityConfig {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http.authorizeHttpRequests(
                registry -> registry
                        .requestMatchers(antMatchers("/test", "/getUserById/**"))
                        .permitAll()
        )
                .cors(configurer -> configurer.configure(http))
                .build();
    }

    private RequestMatcher[] antMatchers(String... patterns)
    {
        var antMatchers = new RequestMatcher[patterns.length];
        for(var i = 0; i < patterns.length; i++) {
            antMatchers[i] = AntPathRequestMatcher.antMatcher(patterns[i]);
        }

        return antMatchers;
    }
}
